Cyberspace (proposal)
Individual Zones Individual zones represent the computer network, or at least a part of it, within a particular building or ship. To allow characters to explore cyberspace, it’s best to think of zones as small “dungeon” in a fantasy setting. There’s an entrance node, one or more security nodes (guardrooms), data stores (treasure chambers), system nodes (workshops), and data tunnels (corridors). In order to explore these nodes, you’ll need to create a small map of how they interlink. How many of these nodes exist within a particular zone and what they contain vary, but here are a few node and the types of data usually contained. Discovering Nodes and Data Tunnels Notice is used to discover data tunnels leading out of a node. A success indicates that a new data tunnel has been found, while a success with a raise also reveals any existing backdoors. When a new pathway is discovered, information about the destination node is also revealed including node type and difficulty. Failure to spot new data tunnels does not affect the SWA index, but will reveal only the "Path of Least Resistance", and no information about the destination node. The "Path of Least Resistance" represents the data flow of the most commonly queried system data. This may not necessarily be the same data the players are interested in. In game terms, the Path of Least Resistance should allow the players to continue navigating the system even if the initial Notice roll was failed. Failed notice roll may not be reatempted. . Some data tunnels are referred to as Backdoors. Though difficult to spot, these backdoors are pathways left behind by system designers and administrators. Often these data tunnels circumnavigate security nodes or can be used to further disguise sensitive data. Some particularly devious developers have even created backdoors to prevent hackers from controlling certain security nodes, thus assuring that mobile ICEs may be launched when a SWA is issued. Entrance Node Entrance nodes are symbolized on the cyberspace zone map by a black circle. Most zones should have only a single entrance node. Few entrance nodes are protected but there is usually a security node along one of the data tunnels leading from it. Entrance nodes are automatically identified. Security Nodes Security nodes exist to stop intruders getting to sensitive data or system nodes. Security nodes have a difficulty number. The higher the rating, the more secure the node. Once a character has entered an active security node, he can choose to make either an opposed Stealth or Fighting roll. The Stealth roll represents a hacking attempt to quietly bypass security measures undetected while the Fighting rolls represents a malicious attempt to destroy or rewrite security programs. Both options have their own pros and cons. By successfully fighting the existing security programs, also known as Intrusion Countermeasure Electronics or ICEs, the player may take control of the security node and disable any further fixed or mobile ICEs from being uploaded. Controlled security nodes are freely traversed, but leaving nodes in such a state leaves behind obvious signs that intrusion occurred. Security settings may only be reset to Active from a System node. If the player fails the fight attempt, he is immediately pushed back one node and the node difficulty is increased by 1 die type. In addition, the SWA index is decreased by 1. On the other hand, a player may select stealth and attempt to slip past any fixed security programs undetected. Success means that the player may move through the security node unabated but does not gain control of the node. While this means that no trace of intrusion is caused, this node is still capable of creating both fixed and mobile ICEs. Furthermore, if this node is encountered again, the player must make another stealth or fighting roll to traverse it. If they roll is failed, the player may no longer make stealth attempts against this node, unless it is subsequently controlled and reactivated. Furthermore, the node difficulty increases by 1 die type, the SWA index decreased by 1, and the player is pushed out of the node. Security programs encountered while attempt to evade or destroy a security node are called Fixed ICEs. These ICEs are completely reactive and do not have the capability to exist outside of the security node from where they originate. Mobile security programs, or Mobile ICEs, are also created within security nodes but are only activated when the SWA index reaches zero. Mobile ICEs require massive amounts of memory to run and thus are typically set in stand-by mode. Data Nodes Many times it is the data node that a character is searching for. These represent the zone’s “hard drives,” containing all files relevant to the individual system, and maybe some hidden files as well. For instance, data nodes in a bank might contain personnel files, client accounts, and such like. In general, the more valuable the data, the better the protection. Data nodes aren’t protected by security within the node itself (that is usually found adjacent), but the data is usually encrypted. The encryption software continually changes the code, and is given a security rating as a die type. The higher the die, the harder the code. The character must make a Lockpicking roll opposed by the node’s rating die to access the data. With a success, the persona can now read all the data (see below). With a failure, the code changed too quick and the persona must try again. Upon failure, the player may make another attempt but the opposed roll is increased by one die type. If the die type exceeds 12 then the data becomes locked out for this session. A failed roll and SWA will decrease by 1, also If a 1 was rolled (regardless of Wild Die), the SWA index is also decreased by 1. Once the data is accessible, the persona must make an Investigation roll to find what he is looking for among all the dross. Although a success is all that is required, additional raises may give more information from cross-referencing files. Upon failure, the player may make another attempt but the opposed roll is increased by one die type. If the die type exceeds 12 then the node has detected an intruder and has re-encrypted the data. Data may be downloaded again with another successful Lockpicking roll (see above).. System Node System nodes are nodes which link to a physical system in the real world. This might be a building’s security cameras, fire sprinklers, automatic doors, and such like. Each system node controls only a single system, however. In many cases system nodes can be ignored. Of course, gaining control of the system node, and therefore the system it controls, may be the character’s objective. System nodes have a die type representing their resistance to interference. In addition, all security nodes can be reset to Active by gaining control over any system node. It cannot be stressed enough that doing so resets all security nodes within the local system, and cannot be used to reset only select nodes nor to disable any security nodes. To override the security protocols, the character must make a Lockpicking roll opposed by the node’s die. With a success, the user now controls the system the node operates. If the node controlled the air conditioning, for example, the user can now turn it up, down, or off as he wishes. With a failure, the code changed too quickly, the SWA increases by 1, and the character must try again. If the Lockpicking roll a 1, regardless of Wild Die, the die type is increased and the SWA index is decreased by 1. Other Nodes *Bridge Node -- Represented by a black dot, a bridge node is nothing more than an intersection of three or four data tunnels. Bridge nodes often indicate the presence of a backdoor. *Firewall -- Represented by two perpendicular line, firewall only allow data traffic through from one side only. A hacker can atempt to change the direction of the firewall with a sucessful Lockpicking roll, or break through it with a sucessful fighting roll. On either sucess the the firewall changes directions, but leaves obvious traces of an intruder. Sucess with a raise no trace is left. System Wide Alert Every known computer system uses a similar security platform when detecting unauthorized access. While these systems go by different names, all systems have been standardized to employ the System Wide Alert index as a way of determining the relative strength of security protocols. The System Wide Alert index, or SWA index, is the number of intrusion attempts a system is rated to handle before a System Wide Alert must be issued. System Wide Alerts, when triggered, deploy vastly superior VI programs to find and terminate unauthorized connections at the expense of massive amounts of memory, as well as the potential for significant power drain and network downtime. The SWA index is roughly calculated as double the amount of security nodes present within a system. In game terms, the SWA index is the number of failures a player may make will attempting to control or sneak past security nodes before mobile ICEs can be deployed. Also, some rolls of 1 may also affect the SWA index. Once the SWA index reaches zero, mobile ICEs are deployed from all Active security nodes and immediately pursue the intruding player. In addition, all active security nodes become locked out, requiring a successful Lockpicking roll to safely traverse in addition to the fighting or stealth roll. Alternating turns between player and program, the available mobile ICEs attempt to restrict player movements and slowly push them out of the system. Although mobile ICEs can be fought just like fixed ICEs, they are far more difficult to combat. Mobile ICE difficulty numbers are influenced by the node they originated from as well as the node they are currently loaded in. This can make them nearly impossible to beat. If an ICE cannot be defeated, the player is forced out of the current node, away from the ICE. There are several potential outcomes from being pushed back in such a manner. *If the destination node is occupied by another mobile ICE, the player must attempt to fight or sneak past that group as well. If the player fails again, his connection is immediately severed, which may result in damage to, or a trace put on the omni-tool. *If the destination node is an Active security node, the player must unlock the node and fight or sneak past the fixed ICEs stationed there. If the player fails either of these rolls, his connection is immediately severed. This may result in damage to, or a trace put on the omni-tool. *If the destination node is the Entry node, the player is immediately logged out. The omni-tool does not suffer damage in this event. Should the player successfully fight off the mobile ICE a new one will reload in the security node of origin after one round. Alarms When a System Wide Alert has been issued, a trace is immediately performed to determine the intrusion's point of origin. In most cases, if the hacking player is capable of logging out successfully (i.e. safely avoiding sudden session termination), then no alarms are sounded. However, sudden session terminations are easily traceable and if determined to be local, the player can expect security personnel to mobilize on their location. Successful Logout vs. Session Termination Hacking sessions may be terminated at any time by forcing the hacking program to close, moving too far away from the terminal, or by being forced out by security protocols. Sudden session terminations such as these create a terrible strain on the omni-tool which can result in tremendous damage to the tool, its programs and data, and possibly even the user himself. In normal circumstances, a user can powerdown the hacking program at any time and from any node. The user does not need to be in the entry node to successfully logoff. In the event of a System Wide Alert, a safe disconnect requires the user to be in the entry node before logging out. A safe logout may also occur if the user is pushed into the entry node by a security protocol. System Limitations New *A data or system node cannot be protected by a total security score of 12 to start. That means, at system design, a data node can at best be directly linked to a single security of 12, two security nodes of 6, or three security nodes of 4 (or any other combination of security nodes equaling 12 or less). *A node cannot have a backdoor with also having a "front door." *Security nodes many be chained together, but count towards the total security score of any nodes they are chained to. *Multiple Mobile ICEs cannot occupy the same node at once. They draw so many system resources that doing so would immediately crash the system, therefore protocols have been installed to prevent this from happening. *Mobile ICEs must move towards the intrusion event each round unless they are blocked by firewalls or other mobile ICEs. Mobile ICEs do not intentionally form blockades. Category: ME:N7 Rules